<?php
//Set up the system
require('config.include.php');
//Auth stuff
require('auth.include.php');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Add A User</title>
<link rel="stylesheet" href="admin.css" />
</head>

<body>
<div id="wrapper">
	<div id="header">
    	<?php echo('<a href="../" class="breadcrumb">'.SITE_TITLE.'</a> &raquo; <a href="dashboard.php" class="breadcrumb">Dashboard</a> &raquo; <a href="adduser.php" class="breadcrumb">Add A User</a>'); ?>
    </div>
    <div id="sidebar">
<?php
	require('nav.include.php');
?>
    </div>
    <div id="content">
        <div class="contentblock">
			<?php
                $printform=true;
                if(isset($_POST['addnewusername'])) {
                    //Fix post data
                    if($_POST['addnewusername']==='' || $_POST['addnewpassword']==='') {
                        echo('<h2 class="red">Error</h2>
                        Please fill in all the fields.');
                    }
                    else {
                        if ($_POST['addnewpassword']===$_POST['confirmpassword']){
                            if(preg_match('/^[a-zA-Z0-9_-]+$/i', $_POST['addnewusername'])) {
                                if($_p->create_user($_POST['addnewusername'], $_POST['addnewpassword'])){
                                    echo('<h2>User Added!</h2>
                                    The user "'.$_POST['addnewusername'].'" was added successfully.<br />
                                    <a href="dashboard.php">Return to dashboard</a>');
                                    $printform=false;
                                }
                                else {
                                    $printform=true;
                                }	
                            }
                            else {
                                echo('<h2 class="red">Error</h2>
                                Usernames may only contain letters, numbers, dashes and underscores<br />');
                            }
                        }
                        else {
                            echo('<h2 class="red">Error</h2>
                            Your passwords did not match.<br />');
                        }
                    }
                }
                
                if($printform) {
                echo('
                    <form action="adduser.php" method="post">
                        <h2>Username</h2>
                        <input type="text" class="full" name="addnewusername" value="'.$_POST['addnewusername'].'"/>
                        <h2>Password</h2>
                        <input type="password" class="full" name="addnewpassword" value=""/>
                        <h2>Confirm Password</h2>
                        <input type="password" class="full" name="confirmpassword" value=""/>
                        <br/><br/><input type="submit" name="adduser" value="Add User" />
                    </form>
                ');
                }
            ?>
		</div>
    </div>
    <div id="footer">
    </div>
</div>
</body>
</html>